Skip to content

BvThTrd/openemr_RCE_5.0.2

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
README.md
README.md
 
 
openemr_exploit.py
openemr_exploit.py
 
 

Repository files navigation

openemr_RCE_5.0.2

Description

This exploit drop a web shell on an OpenEMR v5.0.2.1 CMS. At the end, GET the URL and run a netcat listener on the LHOST:LPORT. You will be able to do a Remote Code Execution on this server. You need to wait the Admin to change his password and it'll trigger the XSS.

Usage

usage: openemr_exploit.py [-h] [-d [DIRECTORY]] -rh RHOST [-rp [RPORT]] [-vh [VHOST]] -lh LHOST -lp LPORT [-wp [WPORT]]

optional arguments:
  -h, --help            show this help message and exit
  -d [DIRECTORY], --directory [DIRECTORY]
                        Root directory OpenEMR CMS
  -rh RHOST, --rhost RHOST
                        Remote server IP
  -rp [RPORT], --rport [RPORT]
                        Remote server PORT
  -vh [VHOST], --vhost [VHOST]
                        Remote server DOMAIN_NAME
  -lh LHOST, --lhost LHOST
                        Reverse shell IP
  -lp LPORT, --lport LPORT
                        Reverse shell PORT
  -wp [WPORT], --wport [WPORT]
                        Web Server PORT

Authors

References

About

Remote Code Execution - OpenEMR CMS v5.0.2.1

Topics

proof-of-concept exploit python3 poc rce openemr remote-code-execution openemr-shell-upload openemr-exploit openemr-vulnerability openemr-rce

Resources

Readme
Activity

Stars

1 star

Watchers

1 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published

Languages